<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Georgia;
panose-1:2 4 5 2 5 4 5 2 3 3;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:Consolas;}
p.CodeStyle, li.CodeStyle, div.CodeStyle
{mso-style-name:CodeStyle;
mso-style-link:"CodeStyle Char";
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Georgia",serif;}
span.CodeStyleChar
{mso-style-name:"CodeStyle Char";
mso-style-link:CodeStyle;
font-family:"Georgia",serif;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.xmsonormal, li.xmsonormal, div.xmsonormal
{mso-style-name:x_msonormal;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.xcodestyle, li.xcodestyle, div.xcodestyle
{mso-style-name:x_codestyle;
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Georgia",serif;}
p.xmsonormal0, li.xmsonormal0, div.xmsonormal0
{mso-style-name:x_msonormal0;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.xxmsonormal, li.xxmsonormal, div.xxmsonormal
{mso-style-name:x_xmsonormal;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.xxmsolistparagraph, li.xxmsolistparagraph, div.xxmsolistparagraph
{mso-style-name:x_xmsolistparagraph;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.xxmsonormal0, li.xxmsonormal0, div.xxmsonormal0
{mso-style-name:x_xmsonormal0;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.xxcodestyle, li.xxcodestyle, div.xxcodestyle
{mso-style-name:x_xcodestyle;
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Georgia",serif;}
p.xxmsochpdefault, li.xxmsochpdefault, div.xxmsochpdefault
{mso-style-name:x_xmsochpdefault;
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Times New Roman",serif;}
p.xmsochpdefault, li.xmsochpdefault, div.xmsochpdefault
{mso-style-name:x_msochpdefault;
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Times New Roman",serif;}
span.xmsohyperlink
{mso-style-name:x_msohyperlink;
color:blue;
text-decoration:underline;}
span.xmsohyperlinkfollowed
{mso-style-name:x_msohyperlinkfollowed;
color:purple;
text-decoration:underline;}
span.xcodestylechar
{mso-style-name:x_codestylechar;
font-family:"Georgia",serif;}
span.xhtmlpreformattedchar
{mso-style-name:x_htmlpreformattedchar;
font-family:Consolas;}
span.xxmsohyperlink
{mso-style-name:x_xmsohyperlink;
color:blue;
text-decoration:underline;}
span.xxmsohyperlinkfollowed
{mso-style-name:x_xmsohyperlinkfollowed;
color:purple;
text-decoration:underline;}
span.xxhtmlpreformattedchar
{mso-style-name:x_xhtmlpreformattedchar;
font-family:Consolas;}
span.xxcodestylechar
{mso-style-name:x_xcodestylechar;
font-family:"Georgia",serif;}
span.xxemailstyle24
{mso-style-name:x_xemailstyle24;
font-family:"Calibri",sans-serif;
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none;}
span.xxemailstyle25
{mso-style-name:x_xemailstyle25;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.xxemailstyle26
{mso-style-name:x_xemailstyle26;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.xemailstyle35
{mso-style-name:x_emailstyle35;
font-family:"Calibri",sans-serif;
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none;}
span.EmailStyle44
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Yes – the switchover should be easy so I don’t see why we can’t make it happen on Monday. I’ll coordinate w/ CNI. I’ll also have them build a new server, pansophy-2018 so
we can do the same thing with that.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Valerie Bookwalter <bookwalt@jlab.org>
<br>
<b>Sent:</b> Tuesday, April 14, 2020 2:07 PM<br>
<b>To:</b> Bobby Lawrence <robertl@jlab.org>; Kari Heffner <heffner@jlab.org><br>
<b>Cc:</b> E. Anne McEwen <mcewen@jlab.org>; Tony Reilly <areilly@jlab.org>; pansophy <pansophy@jlab.org><br>
<b>Subject:</b> Re: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">Bobby,</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">That sounds good.
</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">So, can we set a date of Monday the 20th Apr to throw the switch on pansophydev?</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">I'll let you know if something horrible happens before then (LOL).</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">Yes, we need a new 64bit production server built and all software upgraded/installed. I guess that can be done in the background while we are testing development?
</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">If this works for you then let's do this!</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">Thank You!</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif;color:black">Valerie (P-Team)</span><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div class="MsoNormal" align="center" style="margin-left:.5in;text-align:center">
<hr size="3" width="98%" align="center">
</div>
<div id="divRplyFwdMsg">
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black"> Bobby Lawrence <<a href="mailto:robertl@jlab.org">robertl@jlab.org</a>><br>
<b>Sent:</b> Tuesday, April 14, 2020 1:53 PM<br>
<b>To:</b> Valerie Bookwalter <<a href="mailto:bookwalt@jlab.org">bookwalt@jlab.org</a>>; Kari Heffner <<a href="mailto:heffner@jlab.org">heffner@jlab.org</a>><br>
<b>Cc:</b> E. Anne McEwen <<a href="mailto:mcewen@jlab.org">mcewen@jlab.org</a>>; Tony Reilly <<a href="mailto:areilly@jlab.org">areilly@jlab.org</a>>; pansophy <<a href="mailto:pansophy@jlab.org">pansophy@jlab.org</a>><br>
<b>Subject:</b> RE: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span>
<o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="xmsonormal" style="margin-left:.5in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Great news.
<br>
I think it would be better to simply retire the pansophydev server and make pansophydev.jlab.org an alias for pansophydev-2018. Then we can have a new server built (pansophy-2018) and do the same with the production server. That way we aren’t upgrading an
existing machine in place, which is a bit tricker and harder to roll back if things go awry. Also, both pansophydev and pansophy are running an older version of Apache and are 32-bit instead of 64-bit so switching over to a new machine would be ideal.<br>
Currently pansophydev-2018 is pointing at the same document root as pansophydev, we could easily do the same with the new pansophy-2018 which would mean you wouldn’t have to do any git cloning.<br>
If you are ok with this, I’ll have the CNI group build a new pansophy-2018 server…</span><o:p></o:p></p>
<p class="xmsonormal" style="margin-left:.5in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="xmsonormal" style="margin-left:1.0in"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Valerie Bookwalter <<a href="mailto:bookwalt@jlab.org">bookwalt@jlab.org</a>>
<br>
<b>Sent:</b> Tuesday, April 14, 2020 1:36 PM<br>
<b>To:</b> Kari Heffner <<a href="mailto:heffner@jlab.org">heffner@jlab.org</a>><br>
<b>Cc:</b> Bobby Lawrence <<a href="mailto:robertl@jlab.org">robertl@jlab.org</a>>; E. Anne McEwen <<a href="mailto:mcewen@jlab.org">mcewen@jlab.org</a>>; Tony Reilly <<a href="mailto:areilly@jlab.org">areilly@jlab.org</a>>; pansophy <<a href="mailto:pansophy@jlab.org">pansophy@jlab.org</a>><br>
<b>Subject:</b> Re: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span><o:p></o:p></p>
</div>
</div>
<p class="xmsonormal" style="margin-left:1.0in"> <o:p></o:p></p>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">Kari / Bobby,</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">The Pansophy Team has been working on getting our software updated. We are close to being ready to convert. We should be ready by Friday.</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">So, what steps do I need to take to prepare for the server conversion?</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">We are working on pansophydev-2018.jlab.org CF2018.</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">We are utilizing github so we will have to clone the new repository.</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">I would like to upgrade our development server first to make sure we understand all the steps that need to be taken (pansophydev.jlab.org). Test and then
upgrade the production server (pansophy.jlab.org).</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">We had to create a new virtual server for this version of CF. There were several people involved to put all the pieces in place. </span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">Will you let me know how I should proceed to request this upgrade and an estimate of time-frame to complete so that I can inform my supervisors and we
can prepare our users for the upgrade?</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">Thank You.</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-family:"Calibri",sans-serif;color:black">Valerie (Pansophy Team)</span><o:p></o:p></p>
</div>
<div>
<p class="xmsonormal" style="margin-left:1.0in"><span style="font-size:16.0pt;font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div style="margin-left:.5in">
<div class="MsoNormal" align="center" style="margin-left:.5in;text-align:center">
<hr size="3" width="98%" align="center">
</div>
</div>
<div id="x_divRplyFwdMsg">
<p class="xmsonormal" style="margin-left:1.0in"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black"> Kari Heffner <</span><a href="mailto:heffner@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">heffner@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">><br>
<b>Sent:</b> Tuesday, March 24, 2020 5:38 PM<br>
<b>To:</b> Valerie Bookwalter <</span><a href="mailto:bookwalt@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">bookwalt@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">><br>
<b>Cc:</b> Bobby Lawrence <</span><a href="mailto:robertl@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">robertl@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">><br>
<b>Subject:</b> FW: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span>
<o:p></o:p></p>
<div>
<p class="xmsonormal" style="margin-left:1.0in"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="xxmsonormal" style="margin-left:1.0in">Valerie, see the below for important security updates for the pansophy ColdFusion server. There are no updates for CF10 and so you need to be on a supported version of CF. In order to get your servers updated,
bobby needs to get you all to the new server version he installed a while ago. When do you think that can happen?<o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.0in"> <o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.0in">Thanks!<o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.0in">Kari<o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.0in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.0in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="xxmsonormal" style="margin-left:1.0in"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Bobby Lawrence <</span><a href="mailto:robertl@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">robertl@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">>
<br>
<b>Sent:</b> Tuesday, March 24, 2020 4:54 PM<br>
<b>To:</b> Kari Heffner <</span><a href="mailto:heffner@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">heffner@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">>; Dana Cochran <</span><a href="mailto:cochran@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">cochran@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">><br>
<b>Subject:</b> FW: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span><o:p></o:p></p>
</div>
</div>
<p class="xxmsonormal" style="margin-left:1.0in"> <o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.0in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Looks like we have CF updates to do. I just logged into miswebvm1 and there is an update available to apply</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.0in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Greg Nowicki <</span><a href="mailto:gnowicki@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">gnowicki@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">>
<br>
<b>Sent:</b> Tuesday, March 24, 2020 4:50 PM<br>
<b>To:</b> Bobby Lawrence <</span><a href="mailto:robertl@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">robertl@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">><br>
<b>Cc:</b> David Sheppard <</span><a href="mailto:sheppard@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">sheppard@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">>;
</span><a href="mailto:secops@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">secops@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">;
</span><a href="mailto:seclog@jlab.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">seclog@jlab.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><br>
<b>Subject:</b> Fw: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span><o:p></o:p></p>
</div>
</div>
<p class="xxmsonormal" style="margin-left:1.5in"> <o:p></o:p></p>
<div>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-family:"Calibri",sans-serif;color:black">FYI. Looks like we have some serious vulnerabilities in ColdFusion.</span><o:p></o:p></p>
</div>
<div>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-family:"Calibri",sans-serif;color:black">Greg</span><o:p></o:p></p>
</div>
<div>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div>
<div>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-family:"Calibri",sans-serif;color:black"> </span><o:p></o:p></p>
</div>
<div style="margin-left:.5in">
<div style="margin-left:.5in">
<div class="MsoNormal" align="center" style="margin-left:.5in;text-align:center">
<hr size="3" width="98%" align="center">
</div>
</div>
</div>
<div id="x_x_divRplyFwdMsg">
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black"> MS-ISAC Advisory <</span><a href="mailto:MS-ISAC.Advisory@msisac.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">MS-ISAC.Advisory@msisac.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">><br>
<b>Sent:</b> Wednesday, March 18, 2020 21:49<br>
<b>To:</b> Thomas Duffy <</span><a href="mailto:Thomas.Duffy@cisecurity.org"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Thomas.Duffy@cisecurity.org</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">><br>
<b>Subject:</b> [EXTERNAL] MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span>
<o:p></o:p></p>
<div>
<p class="xxmsonormal" style="margin-left:1.5in"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="xxmsonormal" align="center" style="margin-left:1.5in;text-align:center">
<b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">TLP: WHITE</span></b><o:p></o:p></p>
<p class="xxmsonormal" align="center" style="margin-left:1.5in;text-align:center">
<b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">MS-ISAC CYBERSECURITY ADVISORY</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">MS-ISAC ADVISORY NUMBER:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">2020-039</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">DATE(S) ISSUED:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">03/18/2020</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">SUBJECT:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">OVERVIEW:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Multiple vulnerabilities have been discovered in Adobe Photoshop, ColdFusion, and Bridge that could allow for arbitrary code execution. Adobe Photoshop
is a graphics editor program. Adobe Bridge is a file management application that manages files across multiple Adobe programs. Adobe ColdFusion is a rapid web-application development platform used to create and maintain web applications. Successful exploitation
of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create
new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">THREAT INTELLIGENCE:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">There are no reports of these vulnerabilities being exploited in the wild.</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">SYSTEMS AFFECTED:</span></b><o:p></o:p></p>
<p class="xxmsolistparagraph" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Adobe Bridge version 10.0 and earlier versions</span><o:p></o:p></p>
<p class="xxmsolistparagraph" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Adobe ColdFusion 2016 Update 13 and earlier versions</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Adobe ColdFusion 2018 Update 7 and earlier versions</span><o:p></o:p></p>
<p class="xxmsolistparagraph" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Adobe Photoshop CC 2019 version 20.0.8 and earlier versions</span><o:p></o:p></p>
<p class="xxmsolistparagraph" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Adobe Photoshop 2020 version 21.1 and earlier versions</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">RISK:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Government:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Large and medium government entities:
<b>High</b></span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Small government entities:
<b>Medium</b></span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Businesses:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Large and medium business entities:
<b>High</b></span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Small business entities:
<b>Medium</b></span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Home users: Low</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">TECHNICAL SUMMARY:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Multiple vulnerabilities have been discovered in Adobe Photoshop, ColdFusion, and Bridge that could allow for arbitrary code execution. The vulnerabilities
are as follows:</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsolistparagraph" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Out-of-bounds write vulnerability could allow for Arbitrary Code Execution. (CVE-2020-9551)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Heap-based buffer overflow vulnerability could allow for Arbitrary Code Execution. (CVE-2020-9552)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Remote file read vulnerability could allow for Arbitrary File Read from the ColdFusion install directory. (CVE-2020-3761)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">File inclusion vulnerability could allow for Arbitrary Code Execution of files located in the webroot or its subdirectory (CVE-2020-3794)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Heap corruption vulnerability that could allow for Arbitrary Code Execution. (CVE-2020-3783)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Multiple Memory corruption vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3784, CVE-2020-3785, CVE-2020-3786, CVE-2020-3787, CVE-2020-3788, CVE-2020-3789, CVE-2020-3790)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Multiple Out-of-bounds read vulnerabilities that could allow for Information Disclosure. (CVE-2020-3771, CVE-2020-3777, CVE-2020-3778, CVE-2020-3781, CVE-2020-3782, CVE-2020-3791)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Multiple Out-of-bounds write vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3773, CVE-2020-3779)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Multiple Buffer errors vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3770, CVE-2020-3772, CVE-2020-3774, CVE-2020-3775, CVE-2020-3776, CVE-2020-3780)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user.
Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be
less impacted than those who operate with administrative user rights.</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">RECOMMENDATIONS:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif">We recommend the following actions be taken:</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Install updates provided by Adobe and related Coldfusion JDK/JRE versions immediately after appropriate testing.</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Remind users not to visit websites or follow links provided by unknown or untrusted sources.</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from un-trusted sources.</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:2.0in;text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif">Apply the Principle of Least Privilege to all systems and services.</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">REFERENCES:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">ADOBE:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8L4VaFdWBML2rV7ll5Prvn-Ln1YNGftY5mc3JZGy1AQ&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">https://helpx.adobe.com/security.html</span></a><span style="font-size:11.0pt;font-family:"Arial",sans-serif">
</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_bridge_apsb20-2D17.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=gz5y_UMZu6dh-mpYEHeqyJCYMojsx6CUqESdq3ICobk&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">https://helpx.adobe.com/security/products/bridge/apsb20-17.html</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_coldfusion_apsb20-2D16.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=QVHvwCuB-h-oFtN0a9Qj0y8-osjlOOjC1D9AX_RFt8o&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_photoshop_apsb20-2D14.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=SGbb-4HsGR6HZYhh6ia9QlvUHVFUqqiITCNWAURdDxU&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">https://helpx.adobe.com/security/products/photoshop/apsb20-14.html</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><b><span style="font-size:11.0pt;font-family:"Arial",sans-serif">CVE:</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3761&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=GFNcPCmgiVNGfLU2ZRQqyZNRQhfRy7ZfzbXMflN6U-0&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3761</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3770&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=KwWSmgI0CB1PcuGE2f0l08FTg1TKzrIkZ6OEZWPXDYk&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3770</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3771&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=P1bfT5UbNLbqB8HExhu0oQZm7eRk6ELRP3kkDhgp4kY&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3771</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3772&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8Fjuv3Y4FCHe2CiLCsbe-IE0H6MStlQoknbv6L_7Y7Q&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3772</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3773&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=LLxmvx25QJxvD0DY-1VFFQvP-Mfe2W2hFhHfoxWZ78Q&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3773</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3774&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=5meBk8mvpV3zSXN49pAv3Cg8rVmJBjabay4uLZUuOfU&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3774</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3775&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=wK9ELuhpGKU-GzpmwkyzYapd2iE2qwPGZ85gvVid4zQ&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3775</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3776&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=OG66tOQI0EX6_fm6R8Y1uhwRzCaxx3N9E55heCf1tbo&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3776</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3777&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=bDtEI37fzBqOVt3_eOVCm6eem83aXQVe1NF0hDAQWE0&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3777</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3778&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=n6Z0WNu9nRpiFySoKGoarswPH7ggZJvXiYDjtHXPMmw&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3778</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3779&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=G3SS3YmyofAwxkC7tP6NFhdZEcgOzOv02cpA46cqy7k&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3779</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3780&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=m-eSXj2o1_vLJnNegnN-F3UozUJhm75vdGz1X1a8eKo&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3780</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3781&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=-4XHeIsMOrxgQZx1bOgzfVv7UY434eHn-vNx4E7rw2g&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3781</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3782&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=qlh6vHVWrDV4Gwo2_HH0dl5OPWfTSxhPhudJ1KTT2Eo&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3782</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3783&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=_AE2zZN6UtUdQiSr493rGA0bj9z-aiKegD8HiPlh9po&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3783</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3784&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=L7ZfjWVAi-VqxJEMDPOfJFEEwgOgYLk0FppXyhhOcpM&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3784</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3785&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=bXrSK6Jz-XXFod04wR8fPcr9el9qlDVM51smbs31cAI&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3785</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3786&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=jsqumk0Es9iAnTO6wSyO0IyMOcxRnnwa-TkzbfDER3w&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3786</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3787&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=W90p9yO0EPzMP08p9GR93BEGUkdNRWHWbmTQS7C5BcQ&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3787</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3788&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=UdUAlpjJ0-eQxF76yxa-UdPC2SFXulrjEbCtabhsodY&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3788</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3789&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=u2paLgtvtlJRRAA6gXJaAaCZtN6ILoBcr7HYCleP4d8&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3789</span></a><span style="font-size:11.0pt;font-family:"Arial",sans-serif">
</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3790&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=LUPJ3GTw1Yw6BglFEK3nPNXXvMTi4mG8AAq6z5ghKsQ&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3790</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3791&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=jyj-SUl2JHz1lSyZI3etRro716Ur23Vg7L9hSS2FURI&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3791</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3794&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=RHpI2Rfl7cU3Fp23TYQuRqhRUgjXz5fIL8Qonu1kvXQ&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3794</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D9551&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=F7QCfETGEHTi3ZIqg1OwwZF6CZlOdj457mvm0gYHndc&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9551</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D9552&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8EgkLfA8VKgFO1UHRo5-DFNHoJAKyKScp7nC9ULtDTA&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9552</span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">24×7 Security Operations Center</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">Multi-State Information Sharing and Analysis Center (MS-ISAC)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">31 Tech Valley Drive</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">East Greenbush, NY 12061</span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="mailto:SOC@cisecurity.org"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#954F72">SOC@cisecurity.org</span></a><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">
- 1-866-787-4722 </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"><img border="0" width="313" height="53" style="width:3.2638in;height:.5555in" id="x_x_Picture_x0020_11" src="cid:image001.jpg@01D61266.E61D1C80" alt="cid:image001.jpg@01D40C67.01A3BDE0"></span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_CenterforIntSec_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=E_x3D_2BAVbE2Rf8feq2NgaceAjBx01bX9YZJLovbc4&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:windowtext;text-decoration:none"><img border="0" width="23" height="24" style="width:.243in;height:.25in" id="x_x_Picture_x0020_10" src="cid:image002.png@01D61266.E61D1C80" alt="cid:image002.png@01D291DE.F838E090"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__twitter.com_CISecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=lFdse_-DieTBN9Jwgw7eZVSq7MxI0eFI4MkWOItW2vI&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:windowtext;text-decoration:none"><img border="0" width="23" height="24" style="width:.243in;height:.25in" id="x_x_Picture_x0020_9" src="cid:image003.png@01D61266.E61D1C80" alt="cid:image003.png@01D291DE.F838E090"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.youtube.com_user_TheCISecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=3PL2tQmINgFo33iwlKosj2RhzRCFJnZwUMYX4Jbuo-A&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:windowtext;text-decoration:none"><img border="0" width="23" height="24" style="width:.243in;height:.25in" id="x_x_Picture_x0020_8" src="cid:image004.png@01D61266.E61D1C80" alt="cid:image004.png@01D291DE.F838E090"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.linkedin.com_company_the-2Dcenter-2Dfor-2Dinternet-2Dsecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=KrO7lzwBzM3k4BhinlHzCilRM2mC-n1G5aMKKO68JJM&e="><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:windowtext;text-decoration:none"><img border="0" width="23" height="24" style="width:.243in;height:.25in" id="x_x_Picture_x0020_7" src="cid:image005.png@01D61266.E61D1C80" alt="cid:image005.png@01D291DE.F838E090"></span></a><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" align="center" style="margin-left:1.5in;text-align:center">
<b><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">TLP: WHITE</span></b><o:p></o:p></p>
<p class="xxmsonormal" align="center" style="margin-left:1.5in;text-align:center">
<b><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black">Disclosure is not limited. Subject to standard copyright rules, TLP: WHITE information may be distributed without restriction.</span></b><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Arial",sans-serif"> </span><o:p></o:p></p>
<p class="xxmsonormal" style="margin-left:1.5in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
</div>
<p class="xxmsonormal" style="margin-left:1.5in">This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments
is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
<br>
<br>
. . . . . <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>